all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Device Tracking via Linux's New TCP Source Port Selection Algorithm (Extended Version). (arXiv:2209.12993v1 [cs.CR])

Add to bookmarks
Sept. 28, 2022, 1:20 a.m. | Moshe Kol, Amit Klein, Yossi Gilad

cs.CR updates on arXiv.org arxiv.org

We describe a tracking technique for Linux devices, exploiting a new TCP
source port generation mechanism recently introduced to the Linux kernel. This
mechanism is based on an algorithm, standardized in RFC 6056, for boosting
security by better randomizing port selection. Our technique detects collisions
in a hash function used in the said algorithm, based on sampling TCP source
ports generated in an attacker-prescribed manner. These hash collisions depend
solely on a per-device key, and thus the set of collisions …

algorithm device device tracking linux port tcp tracking version

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Assessing the Solvency of Virtual Asset Service Providers: Are Current Standards Sufficient? 10 hours ago | arxiv.org
arxiv asset business can +22
Label Inference Attacks against Node-level Vertical Federated GNNs 10 hours ago | arxiv.org
arxiv attacks cs.cr cs.lg +16
One-shot Empirical Privacy Estimation for Federated Learning 10 hours ago | arxiv.org
adversary algorithms arxiv auditing +12
Transferability Ranking of Adversarial Examples 10 hours ago | arxiv.org
adversarial arxiv assurance attackers +12
When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems 10 hours ago | arxiv.org
artificial artificial intelligence arxiv authentication +12
A survey on hardware-based malware detection approaches 10 hours ago | arxiv.org
arxiv computer computer security cs.cr +15
Explainable Ponzi Schemes Detection on Ethereum 10 hours ago | arxiv.org
applications arxiv blockchain cs.cr +11
KDk: A Defense Mechanism Against Label Inference Attacks in Vertical Federated Learning 10 hours ago | arxiv.org
arxiv attacks cs.cr cs.lg +8
Privacy-Preserving UCB Decision Process Verification via zk-SNARKs 10 hours ago | arxiv.org
algorithm application arxiv balance +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands
View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India
View on infosec-jobs.com
View more jobs